
✍🏻 Customize your own workflow

All workflow files are YAML-based, so make sure you follow YAML syntax. Otherwise, the workflow won't work.

What is the {{.Binaries}} in the workflow?

{{.Binaries}} will be replaced with ~/osmedeus/binaries/, where I store all the binaries for running the workflow. If the tool is already installed somewhere in your $PATH environment variable, you can call it directly, like your-tool -t {{.Target}} instead of {{.Binaries}}/your-tool -t {{.Target}}.

After the installation process is finished, your workflow will be stored at ~/osmedeus-base/workflow.

1. Tweak the commands or threads of a tool depending on your machine's specifications

You can start tweaking the workflow right away by editing any command in a module file in the ~/osmedeus-base/workflow/general/ folder.

For example, you can edit the thread count of the ffuf command in the dirbscan module:

# --snippet--

params:
  - inputfile: "{{.Output}}/probing/http-{{.Workspace}}.txt"
### You can start customizing the command here with the wordlist or the threads of ffuf tool
  - wordlists: "{{.Data}}/wordlists/content/small.txt"
  - ffThreads: '20' # threads for single site
### 
  - dirbThreads: '10'
  - lines: "20"
  - dlimit: '50000'
  - recursion: '0'
  - commitLength: '400'
  - chan: '#mics'

pre_run:
  - CreateFolder("{{.Output}}/directory")

steps:
  # check if the size is too big, We don't want tons of garbage here
  - conditions:
      - "FileLength('{{.inputfile}}') > {{.dlimit}}"
    scripts:
      - ErrPrintf("Filter", "Got input file greater than {{.dlimit}} line")
      - Exit(1)

  - required:
      - "{{.Binaries}}/ffuf"
      - "{{.inputfile}}"
    source: "{{.inputfile}}"
    threads: '{{.dirbThreads}}'
    commands:
      - "{{.Binaries}}/ffuf -t {{.ffThreads}} -timeout 15 -ac -fc '429,403,404' -D -e 'asp,aspx,pl,php,html,htm,jsp,cgi' -of json -o {{.Output}}/directory/raw-[[._id_]].json -u '[[.line]]/FUZZ' -w {{.wordlists}}:FUZZ"

# --snippet--

You can also set force-params: true in a flow file to override the threads set in the module files, as in this flow:

name: gently-extensive
desc: run extensive routine but with very low threads
type: general
validator: domain
force-params: true

params:
  - subfinderThreads: "20"
  # probing
  - dnsThreads: "300"
  - httpThreads: "30"
  - massdnsRateBrute: "300"
  # screenshot
  - screenThreads: "8"
  # fingerprint & spider
  - ssthreads: "30"
  - overviewThreads: '30'
  - stoThreads: '30'
  - spiderThreads: "5"

  # vulnscan
  - nucleiThreads: "30"
  - jaelesThreads: "20"
  # dirbscan
  - ffThreads: '20' # threads for single ffuf-scan
  - dirbThreads: '2' # how many ffuf run at the same time
  # portscan
  - ports: "0-65535"
  - rateRustScan: "5000"
  - nmapThreads: "10"

routines:
  - flow: 'extensive'
    modules:
      - subdomain
  - flow: 'extensive'
    modules:
      - probing
  - flow: 'extensive'
    modules:
      - ssame
  - modules:
      - screenshot
  - modules:
      - sto
      - fingerprint
  - flow: 'extensive'
    modules:
      - spider
      - archive
  - modules:
      - ipspace
  - modules:
      - vulnscan

  - modules:
      - portscan

  - flow: 'extensive'
    modules:
      - dirbscan

  - flow: 'extensive'
    modules:
      - port-fingerprint
      - pvulnscan # doing vulnscan + dirbscan on portscan result too

2. Fork your own copy of the community workflow

Fork the repo at https://github.com/osmedeus/osmedeus-workflow, change anything you want, and put it in the ~/osmedeus-base/workflow folder.

Or you can put it in a custom folder and then use this command:

osmedeus scan --wfFolder ~/custom-workflow/ -f your-custom-workflow -t sample.com

3. Add your new tool to an existing workflow

For example, say you have a new tool for subdomain enumeration called awesome-subdomain-enum, and its usage is awesome-subdomain-enum -t sample.com -o output.txt.

You can easily add it to the existing workflow by adding the following command awesome-subdomain-enum -t {{.Target}} >> {{.Output}}/subdomain/sum-{{.Workspace}}.txt to the subdomain.yaml file at ~/osmedeus-base/workflow/general/subdomain.yaml.

# --snippet--

steps:
  - required:
      - "{{.Binaries}}/amass"
      - "{{.Binaries}}/subfinder"
      - "{{.Binaries}}/assetfinder"
      - "{{.Binaries}}/findomain"
    commands:
      - "timeout -k 1m {{.amassTimeout}} {{.Binaries}}/amass enum -config {{.Data}}/configs/amass.ini -d {{.Target}} -o {{.Output}}/subdomain/{{.Workspace}}-amass.txt > /dev/null 2>&1"
      - "{{.Binaries}}/assetfinder -subs-only {{.Target}} > {{.Output}}/subdomain/{{.Workspace}}-assetfinder.txt"
  # these 3 commands will run in parallel
  - commands:
      - "{{.Binaries}}/findomain -u {{.Output}}/subdomain/{{.Workspace}}-findomain.txt -t {{.Target}} > /dev/null 2>&1"
      - "{{.Binaries}}/subfinder -d {{.Target}} -t {{.subfinderThreads}} -o {{.Output}}/subdomain/{{.Workspace}}-subfinder.txt > /dev/null 2>&1"
      # your new tool here
      - "awesome-subdomain-enum -t {{.Target}} >> {{.Output}}/subdomain/sum-{{.Workspace}}.txt"

# --snippet--

4. Writing a new flow

Create a new flow file at ~/osmedeus-base/workflow/your-workflow.yaml by customizing the general flow file.

If you want to use your own modules, you can change type: general to type: you-workflow to specify the folder of your modules.

name: your-workflow
desc: run subdomain enumeration and content discovery
type: general # this means module files will be read from the `~/osmedeus-base/workflow/general/` folder
validator: domain

routines:
  - modules:
      - subdomain
  - modules:
      - probing
  - modules:
      - dirbscan

Now you can run your workflow with this command: osmedeus scan -f your-workflow -t sample.com


5. Writing a new module

5.1 Add a new module to an existing workflow

Create a new module file at ~/osmedeus-base/workflow/general/your-module.yaml, then add it to the general.yaml flow file:

name: general
desc: run normal routine
type: general
validator: domain

routines:
  - modules:
      - subdomain
  - modules:
      - probing
  - modules:
      - fingerprint
  - modules:
      - screenshot
  - modules:
      - spider
  - modules:
      - sto
      - archive
      - ipspace
  - modules:
      - vulnscan
  - modules:
      - dirbscan
  - modules:
      - portscan
  - modules:
      - your-module

Now you can run your workflow with this command: osmedeus scan -f general -t sample.com
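
What your-module.yaml itself could contain, as an added example that is not taken from the Osmedeus project: it reuses only the keys and functions shown in the dirbscan snippet in section 1. The tool your-tool and its -t/-o flags, the params ylimit and yThreads, the output folder name, and the top-level name/desc fields (mirroring the flow files) are assumptions.

```yaml
# ~/osmedeus-base/workflow/general/your-module.yaml
# Added example. `your-tool`, its flags and the param names are placeholders.
name: your-module
desc: run your-tool against every live host found by the probing module

params:
  # file written earlier in the flow by the probing module
  - inputfile: "{{.Output}}/probing/http-{{.Workspace}}.txt"
  # refuse to run when the input has more lines than this
  - ylimit: '50000'
  # how many your-tool processes run at the same time
  - yThreads: '5'

pre_run:
  # keep this module's results in their own folder inside the workspace
  - CreateFolder("{{.Output}}/your-module")

steps:
  # same guard the dirbscan module uses: stop early on an oversized input
  - conditions:
      - "FileLength('{{.inputfile}}') > {{.ylimit}}"
    scripts:
      - ErrPrintf("Filter", "Got input file greater than {{.ylimit}} line")
      - Exit(1)

  # run the command once per line of `source`, as dirbscan does with ffuf;
  # [[.line]] is the current line and [[._id_]] keeps output files apart
  - required:
      - "{{.Binaries}}/your-tool"
      - "{{.inputfile}}"
    source: "{{.inputfile}}"
    threads: '{{.yThreads}}'
    commands:
      - "{{.Binaries}}/your-tool -t '[[.line]]' -o {{.Output}}/your-module/raw-[[._id_]].txt"
```

As with ffThreads and dirbThreads in the dirbscan module, the step-level threads value only sets how many copies of the tool run at once; any concurrency inside the tool multiplies on top of it, so size both for your machine.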
